-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTools
181 lines (108 loc) · 6.13 KB
/
Tools
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
Tools
------
- [Frameworks/ Programming Tools](#frameworks-programming-tools)
- [Hardhat (JS) EVM](#hardhat-js-evm)
- [Truffle (JS) EVM](#truffle-js-evm)
- [Brownie (Python) EVM](#brownie-python-evm)
- [Foundry (Solidity) EVM](#foundry-solidity-evm)
- [Substrate Polkadot](#substrate-polkadot)
- [Visualization tools](#visualization-tools)
- [Blockchain Analysis](#blockchain-analysis)
- [Activity Monitoring](#activity-monitoring)
- [Threat Intelligence & On-chain Data:](#threat-intelligence--on-chain-data)
- [Vulnerability Scanners & Others:](#vulnerability-scanners--others)
- [Other Tools](#other-tools)
- [Resources](#resources)
# Frameworks/ Programming Tools
## [Hardhat](https://hardhat.org/) (JS) EVM
- [Hardhat Basic Tutorial](https://hardhat.org/tutorial)
## [Truffle](https://trufflesuite.com/) (JS) EVM
- [Truffle Basic Tutorial](https://trufflesuite.com/tutorial/)
## [Brownie ](https://eth-brownie.readthedocs.io/en/stable/)(Python) EVM
- [Brownie Basic Tutorial (Curve Finance)](https://www.youtube.com/watch?v=nkvIFE2QVp0)
## [Foundry](https://github.com/foundry-rs/foundry) (Solidity) EVM
- [Foundry Basic Tutorial](https://www.youtube.com/watch?v=fNMfMxGxeag)
- [How to use Foundry To PoC Bug Leads Part1](https://medium.com/immunefi/how-to-use-foundry-to-poc-bug-leads-part-1-214c9c02ff30 )
- [How to use Foundry To PoC Bug Leads Part2](https://medium.com/immunefi/how-to-use-foundry-to-poc-bug-leads-part-2-b7b3807400df)
## [Substrate](https://substrate.io/) Polkadot
## Visualization tools
- [solgraph](https://github.com/raineorshine/solgraph)<br/>
Creates a DOT graph that shows the function control flow of a Solidity contract and points out possible security flaws.
- [SOL2UML](https://github.com/naddison36/sol2uml)<br/>
Create an UML class diagram from a Solidity smart contract
- [Solidity Function Profiler](https://github.com/EricR/sol-function-profiler)<br/>
A command line tool that generates a human-readable report to list every function of a contract.
- [Sūrya](https://github.com/ConsenSys/surya)<br/>
It offers a variety of graphic outputs and details on the smart contracts' structure.
# Blockchain Analysis
Blockchain network explorers:
- [Ethereum](https://etherscan.io)
- [BNB Chain](https://bscscan.com)
- [Polygon](https://polygonscan.com)
- [Solana](https://solscan.io)
- [Fantom](https://fantomscan.com)
- [BitQuery](https://explorer.bitquery.io/)
Transaction viewers:
- [samczsun's Tx viewer](https://tx.eth.samczsun.com/)
- [Tenderly Dashboard](https://dashboard.tenderly.co/explorer)
- [Phalcon explorer](https://phalcon.blocksec.com/)
# Activity Monitoring
- [Forta Protocol](https://forta.org)
Detects threats and anomalies on DeFi, NFT, governance, bridges and other Web3 systems in real-time.
- [Tenderly](https://tenderly.co)
Ethereum developer platform to develop and monitor applications.
- [BlockSec Tools](https://tools.blocksec.com/tx)
Transactions analysis tool for Ethereum, Cronos and BNB Chain networks.
# Threat Intelligence & On-chain Data:
- [Chainalysis](https://www.chainalysis.com)
A blockchain-based data platform that helps governments and private sectors detect and prevent the illicit use of cryptos.
- [MistTrack](https://misttrack.io)
Crypto tracking platform.
- [Ellecptic](https://www.elliptic.co)
Blockchain analytics and crypto compliance platform.
- [Nansen](https://nansen.ai)
An on-chain data analytics paltform.
- [Messari](https://messari.io)
Open data library for cryptocurrency assets.
- [Cipher Trace](https://ciphertrace.com)
A blockchain analytics and compliance platform.
- [Codeslaw](https://www.codeslaw.app/)
Smart search for verified smart contracts on the blockchain
# Vulnerability Scanners & Others:
- [Slither](https://github.com/crytic/slither)
Static analyser for Solidity
- [Echidna](https://github.com/crytic/echidna)
Ethereum smart contract fuzzer.
- [Manticore](https://github.com/trailofbits/manticore)
Symbolic execution tool.
- [Mythril](https://github.com/ConsenSys/mythril)
Security analysis tool for EVM bytecode.
- [MythX](https://mythx.io)
Smart contract security verification service.
- [SolidityScan](https://solidityscan.com)
Automated smart contract vulnerability scanning tool.
- [Olympix](https://www.olympix.ai)
Automated smart contract security scanner.
- [ERC-20 Verifier](https://erc20-verifier.openzeppelin.com)
Check whether an ERC-20 smart contract confirms to the standards.
- [Solidity Visual Auditor](https://marketplace.visualstudio.com/items?itemName=tintinweb.solidity-visual-auditor)
Solidity smart contract security verification plugin for VS Code.
- [Scribble](https://github.com/ConsenSys/scribble)
Property testing and runtime verification tool.
- [Securify](https://github.com/eth-sri/securify2)
Security scanner for smart contracts on Ethereum, supported by ChainSecurity and the Ethereum Foundation
# Other Tools
- [SWC Registry](https://swcregistry.io/)
Smart contract weakness classification.
- [SCSVS Smart Contract Security Verification Standard](https://securing.github.io/SCSVS/)
14-path checklist created to standardize the security of smart contracts.
- [Ziion Linux distro fosuched on blockchain security](https://www.ziion.org/)
# Resources:
- [Top 10 Smart Contract Developer Tools You Need for 2022](https://betterprogramming.pub/the-top-blockchain-developer-frameworks-for-2021-89afa5e7bd04)
A comprehensive tooling guide for Smart Contract, Blockchain, Web3, Ethereum, and Solidity developers. Plus a brief look at Solana, Terra, and other rust-based tools
- [The Top Blockchain Developer Frameworks for 2021](https://betterprogramming.pub/the-top-blockchain-developer-frameworks-for-2021-89afa5e7bd04)
The best smart contract and blockchain developer frameworks, focusing on Ethereum smart contracts across all languages.
- [ConsenSys Ethereum Developer Tools List](https://github.com/ConsenSys/ethereum-developer-tools-list)
A guide to available tools, components, patterns and platforms for developing applications on Ethereum.
- [Nancentxyz Simple Security Toolkit](https://github.com/nascentxyz/simple-security-toolkit)
Collection of practical security-focused guides and checklists for smart contract development.